diff options
| author | Tom Lendacky <thomas.lendacky@amd.com> | 2020-09-07 16:16:12 +0300 |
|---|---|---|
| committer | Borislav Petkov <bp@suse.de> | 2020-09-10 22:48:50 +0300 |
| commit | 39336f4ffb2478ad384075cf4ba7ef2e5db2bbd7 (patch) | |
| tree | a3b7660370d24d993046a07b47364e1a73fa8b1f /arch/x86/include/asm/sev-es.h | |
| parent | 4ca68e023b11e4d5908bf9ee326fab01111d77d5 (diff) | |
| download | linux-39336f4ffb2478ad384075cf4ba7ef2e5db2bbd7.tar.xz | |
x86/efi: Add GHCB mappings when SEV-ES is active
Calling down to EFI runtime services can result in the firmware
performing VMGEXIT calls. The firmware is likely to use the GHCB of the
OS (e.g., for setting EFI variables), so each GHCB in the system needs
to be identity-mapped in the EFI page tables, as unencrypted, to avoid
page faults.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
[ jroedel@suse.de: Moved GHCB mapping loop to sev-es.c ]
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lkml.kernel.org/r/20200907131613.12703-72-joro@8bytes.org
Diffstat (limited to 'arch/x86/include/asm/sev-es.h')
| -rw-r--r-- | arch/x86/include/asm/sev-es.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/x86/include/asm/sev-es.h b/arch/x86/include/asm/sev-es.h index e919f09ae33c..cf1d957c7091 100644 --- a/arch/x86/include/asm/sev-es.h +++ b/arch/x86/include/asm/sev-es.h @@ -102,11 +102,13 @@ static __always_inline void sev_es_nmi_complete(void) if (static_branch_unlikely(&sev_es_enable_key)) __sev_es_nmi_complete(); } +extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd); #else static inline void sev_es_ist_enter(struct pt_regs *regs) { } static inline void sev_es_ist_exit(void) { } static inline int sev_es_setup_ap_jump_table(struct real_mode_header *rmh) { return 0; } static inline void sev_es_nmi_complete(void) { } +static inline int sev_es_efi_map_ghcbs(pgd_t *pgd) { return 0; } #endif #endif |